Usually in the STRATFOR Global Security and Intelligence Report, we focus on the tactical details of terrorism and security issues in an effort to explain those issues and place them in perspective for our readers. Occasionally, though, we turn our focus away from the tactical realm in order to examine the bureaucratic processes that shape the way things run in the counterterrorism, counterintelligence and security arena. This look into the struggle by the U.S. government to ensure visa security is one of those analyses.

As STRATFOR has noted for many years now, document-fraud investigations are a very useful weapon in the counterterrorism arsenal. Foreigners who wish to travel to the United States to conduct a terrorist attack must either have a valid passport from their country of citizenship and a valid U.S. visa, or just a valid passport from their home country if they are a citizen of a country that does not require a visa for short-term trips (called visa-waiver countries).

In some early jihadist attacks against the United States, such as the 1993 World Trade Center bombing, the operatives dispatched to conduct the attacks made very clumsy attempts at document fraud. In that case, the two operational commanders dispatched from Afghanistan to conduct the attack arrived at New York’s Kennedy Airport after having used photo-substituted passports (passports where the photographs are literally switched) of militants from visa-waiver countries who died while fighting in Afghanistan. Ahmed Ajaj (a Palestinian) used a Swedish passport in the name of Khurram Khan, and Abdul Basit (a Pakistani also known as Ramzi Yousef) used a British passport in the name of Mohamed Azan. Ajaj attempted to enter through U.S. Immigration at Kennedy Airport using the obviously photo-substituted passport and was arrested on the spot. Basit used the altered British passport to board the aircraft in Karachi, Pakistan, but upon arrival in New York he used a fraudulently obtained but genuine Iraqi passport in the name of Ramzi Yousef to claim political asylum and was released pending his asylum hearing.

But the jihadist planners learned from amateurish cases like Ajaj’s and that of Ghazi Ibrahim Abu Mezer, a Palestinian who attempted to conduct a suicide attack against the New York subway system. U.S. immigration officials arrested him on three occasions in the Pacific Northwest as he attempted to cross into the United States illegally from Canada. By the Millennium Bomb Plot in late 1999, Ahmed Ressam, an Algerian who initially entered Canada using a photo-substituted French passport, had obtained a genuine Canadian passport using a fraudulent baptismal certificate. He then used that genuine passport to attempt to enter the United States in order to bomb Los Angeles International Airport. Ressam was caught not because of his documentation but because of his demeanor — and an alert customs inspector prevented him from entering the country.

So by the time the 9/11 attacks occurred, we were seeing groups like al Qaeda preferring to use genuine travel documents rather than altered or counterfeit documents. Indeed, some operatives, such as Ramzi bin al-Shibh, a Yemeni, were unable to obtain U.S. visas and were therefore not permitted to participate in the 9/11 plot. Instead, bin al-Shibh took on a support role, serving as the communications cutout between al Qaeda’s operational planner, Khalid Sheikh Mohammed, and al Qaeda’s tactical commander for the operation, Mohamed Atta. It is important to note, however, that the 19 9/11 operatives had obtained a large assortment of driver’s licenses and state identification cards, many of them fraudulent. Such documents are far easier to obtain than passports.

After the Sept. 11 attacks and the 9/11 Commission report, which shed a great deal of light on the terrorist use of document fraud, the U.S. government increased the attention devoted to immigration fraud and the use of fraudulent travel documents by terrorist suspects. This emphasis on detecting document fraud, along with the widespread adoption of more difficult to counterfeit passports and visas (no document is impossible to counterfeit), has influenced jihadists, who have continued their shift away from the use of fraudulent documents (especially poor quality documents). Indeed, in many post-9/11 attacks directed against the United States we have seen jihadist groups use U.S. citizens (Jose Padilla and Najibullah Zazi), citizens of visa-waiver countries (Richard Reid and Abdulla Ahmed Ali), and other operatives who possess or can obtain valid U.S. visas such as Umar Farouk Abdulmutallab. These operatives are, for the most part, using authentic documents issued in their true identities.

Concerns expressed by the 9/11 Commission over the vulnerability created by the visa-waiver program also prompted the U.S. government to establish the Electronic System for Travel Authorization (ESTA), which is a mandatory program that prescreens visa-waiver travelers, including those transiting through the United States. The ESTA, which became functional in January 2009, requires travelers from visa-waiver countries to apply for travel authorization at least 72 hours prior to travel. This time period permits the U.S. Department of Homeland Security (DHS) to conduct background checks on pending travelers.

Growing Complexity

Counterfeit visas are not as large a problem as they were 20 years ago. Advances in technology have made it very difficult for all but the most high-end document vendors to counterfeit them, and it is often cheaper and easier to obtain an authentic visa by malfeasance — bribing a consular officer — than it is to acquire a machine-readable counterfeit visa that will work. Obtaining a genuine U.S. passport or one from a visa-waiver country by using fraudulent breeder documents (driver’s licenses and birth certificates, as Ahmed Ressam did) is also cheaper and easier. But in the case of non-visa waiver countries, this shift to the use of genuine identities and identity documents now highlights the need to secure the visa issuance process from fraud and malfeasance.

This shift to genuine-identity documents also means that most visa fraud cases involving potential terrorist operatives are going to be very complex. Rather than relying on obvious flags like false identities, the visa team consisting of clerks, consular officers, visa-fraud coordinators and Diplomatic Security Service (DSS) special agents needs to examine carefully not just the applicant’s identity but also his or her story in an attempt to determine if it is legitimate, and if there are any subtle indicators that the applicant has ties to radical groups (like people who lose their passports to disguise travel to places like Pakistan and Yemen). As in many other security programs, however, demeanor is also critically important, and a good investigator can often spot signs of deception during a visa interview (if one is conducted).

If the applicant’s documents and story check out, and there are no indicators of radical connections, it is very difficult to determine that an applicant is up to no good unless the U.S. government possesses some sort of intelligence indicating that the person may be involved in such activity. In terms of intelligence, there are a number of different databases, such as the Consular Lookout and Support System (CLASS), the main State Department database and the terrorism-specific Terrorist Identities Datamart Environment (TIDE) system. The databases are checked in order to determine if there is any derogatory information that would preclude a suspect from receiving a visa. These databases allow a number of U.S. government agencies to provide input — CLASS is tied into the Interagency Border Inspection System (IBIS) — and they allow these other agencies to have a stake in the visa issuance process. (It must be noted that, like any database, foreign language issues — such as the many ways to transliterate the name Mohammed into English — can often complicate the accuracy of visa lookout database entries and checks.)

Today the lookout databases are a far cry from what they were even 15 years ago, when many of the lists were contained on microfiche and checking them was laborious. During the microfiche era, mistakes were easily made, and some officers skipped the step of running the time-consuming name checks on people who did not appear to be potential terrorists. This is what happened in the case of a poor old blind imam who showed up at the U.S. Embassy in Khartoum in 1990 — and who turned out to be terrorist leader Sheikh Omar Ali Ahmed Abdul-Rahman. As an aside, although Rahman, known as the Blind Sheikh, did receive a U.S. visa, DSS special agents who investigated his case were able to document that he made material false statements on his visa application (such as claiming he had never been arrested) and were therefore able to build a visa fraud case against the Sheikh. The case never proceeded to trial, since the Sheikh was convicted on seditious conspiracy charges and sentenced to life in prison.

The U.S. government’s visa fraud investigation specialists are the special agents assigned to the U.S. Department of State’s DSS. In much the same way that U.S. Secret Service special agents work to ensure the integrity of the U.S. currency system through investigations of counterfeiting, DSS agents work to ensure the inviolability of U.S. passports and visas by investigating passport and visa fraud. The DSS has long assigned special agents to high fraud-threat countries like Nigeria to investigate passport and visa fraud in conjunction with the post’s consular affairs officers. In the Intelligence Reform and Terrorism Prevention Act of 2004, Congress ordered the State Department to establish a visa and passport security program. In response to this legislation, a memorandum of understanding was signed between the Bureau of Consular Affairs and the DSS to establish the Overseas Criminal Investigations Branch (OCI). The purpose of the OCI was to conduct investigations related to illegal passport and visa issuances or use and other investigations at U.S. embassies overseas. A special agent assigned to these duties at an overseas post is referred to as an investigative Assistant Regional Security Officer (or ARSO-I).

While the OCI and the ARSO-I program seemed promising at first, circumstance and bureaucratic hurdles have prevented the program from running to the best of its ability and meeting the expectations of the U.S. Congress.

Bureaucratic Shenanigans

As we’ve previously noted, there is a powerful element within the State Department that is averse to security and does its best to thwart security programs. DSS special agents refer to these people as Black Dragons. Even when Congress provides clear guidance to the State Department regarding issues of security (e.g., the Omnibus Diplomatic Security and Antiterrorism Act of 1986), the Black Dragons do their best to strangle the programs, and this constant struggle produces discernable boom-and-bust cycles, as Congress provides money for new security programs and the Black Dragons, who consider security counterproductive for diplomacy and armed State Department special agents undiplomatic, use their bureaucratic power to cut off those programs.

Compounding this perennial battle over security funding has been the incredible increase in protective responsibilities that the DSS has had to shoulder since 9/11. The bureau has had to provide a large number of agents to protect U.S. diplomats in places like Afghanistan and Pakistan and even staffed and supervised the protective detail for Afghan President Hamid Karzai for a few years. Two DSS special agents were also killed while protecting the huge number of U.S diplomats assigned to reconstruction efforts in Iraq. One agent was killed in a rocket attack on the U.S. Embassy in Baghdad and the other by a suicide car-bomb attack in Mosul.

The demands of protection and bureaucratic strangulation by the Black Dragons, who have not embraced the concept of the ARSO-I program, has resulted in the OCI program being deployed very slowly. This means that of the 200 positions envisioned and internally programmed by Bureau of Consular Affairs and DSS in 2004, only 50 ARSO-I agents have been assigned to posts abroad as of this writing, and a total of 123 ARSO-I agents are supposed to be deployed by the end of 2011. The other 77 ARSO-I positions were taken away from the OCI program by the department and used to provide more secretarial positions.

In the wake of State Department heel-dragging, other agencies are now seeking to fill the void.

The Vultures Are Circling

In a Feb. 9, 2010, editorial on GovernmentExecutive.com, former DHS Under Secretary for Border and Transportation Security Asa Hutchinson made a pitch for the DHS to become more involved in the visa-security process overseas, and he is pushing for funding more DHS positions at U.S. embassies abroad. To support his case that more DHS officers are needed for visa security, Hutchinson used the case of Umar Farouk Abdulmutallab as an example of why DHS needed a larger presence overseas.

Unfortunately, the Abdulmutallab case had nothing to do with visa fraud, and the presence of a DHS officer at post would certainly not have prevented him from receiving his initial visa. Abdulmutallab was first issued a U.S. visa in 2004, before he was radicalized during his university studies in the United Kingdom from 2005 to 2008, and he qualified for that visa according to the guidelines established by the U.S. government without fraud or deception. Of course, the fact that he came from a prominent Nigerian family certainly helped.

The problem in the Abdulmutallab case was not in the issuance of his visa in 2004. His identity and story checked out. There was no negative information about him in the databases checked for visa applicants. He also traveled to the United States in 2004 and left the country without overstaying his visa, and was not yet listed in any of the lookout databases, so his visa renewal in June 2008 in London was also not surprising.

The real problem in the Abdulmutallab case began when the CIA handled the interview of Abdulmutallab’s father when he walked into the embassy in November 2009 to report that his son had become radicalized and that he feared his son was preparing for a suicide mission. The CIA did not share the information gleaned from that interview in a terrorism report cable (TERREP), or with the regional security officer at post or the ARSO-I. (The fact that the CIA, FBI and other agencies have assumed control over the walk-in program in recent years is also a serious problem, but that is a matter to be addressed separately.) Due to that lack of information-sharing, Abdulmutallab’s visa was not canceled as it could have and should have been. His name was also not added to the U.S. government’s no-fly list.

Again, had there been a DHS officer assigned to the embassy, he would not have been able to do any more than the ARSO-I already assigned to post, since he also would not have received the information from the CIA that would have indicated that Abdulmutallab’s visa needed to be revoked.

Once again, information was not shared in a counterterrorism case — a recurring theme in recent years. And once again the lack of information would have proved deadly had Abdulmutallab’s device not malfunctioned. Unfortunately, information-sharing is never facilitated by the addition of layers of bureaucracy. This is the reason why the addition of the huge new bureaucracy called the Office of the Director of National Intelligence has not solved the issue of information-sharing among intelligence agencies.

Hutchinson is correct when he notes that the DHS must go back to basics, but DHS has numerous other domestic programs that it must master the basics of — things like securing the border, overseeing port and cargo security, interior immigration and customs enforcement and ensuring airline security — before it should even consider expanding its presence overseas.

Adding another layer of DHS involvement in overseeing visa issuance and investigating visa fraud at diplomatic posts abroad is simply not going to assist in the flow of information in visa cases, whether criminal or terrorist in nature. Having another U.S. law enforcement agency interfacing with the host country police and security agencies regarding visa matters will also serve to cause confusion and hamper efficient information flow. The problem illustrated by the Abdulmutallab case is not that the U.S. government lacks enough agencies operating in overseas posts; the problem is that the myriad agencies already there simply need to return to doing basic things like talking to each other. Getting the ARSO-I program funded and back on track is a basic step necessary to help in securing the visa process, but even that will not be totally effective unless the agencies at post do a better job of basic tasks like coordination and communication.